WO2015118877A1 - Authentication control system, and gateway device - Google Patents

Authentication control system, and gateway device Download PDF

Info

Publication number
WO2015118877A1
WO2015118877A1 PCT/JP2015/000534 JP2015000534W WO2015118877A1 WO 2015118877 A1 WO2015118877 A1 WO 2015118877A1 JP 2015000534 W JP2015000534 W JP 2015000534W WO 2015118877 A1 WO2015118877 A1 WO 2015118877A1
Authority
WO
WIPO (PCT)
Prior art keywords
authentication
mobile terminal
identification information
server
home
Prior art date
Application number
PCT/JP2015/000534
Other languages
French (fr)
Japanese (ja)
Inventor
毅波 張
清隆 竹原
Original Assignee
パナソニックIpマネジメント株式会社
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by パナソニックIpマネジメント株式会社 filed Critical パナソニックIpマネジメント株式会社
Publication of WO2015118877A1 publication Critical patent/WO2015118877A1/en

Links

Images

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00571Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated by interacting with a central unit
    • EFIXED CONSTRUCTIONS
    • E05LOCKS; KEYS; WINDOW OR DOOR FITTINGS; SAFES
    • E05FDEVICES FOR MOVING WINGS INTO OPEN OR CLOSED POSITION; CHECKS FOR WINGS; WING FITTINGS NOT OTHERWISE PROVIDED FOR, CONCERNED WITH THE FUNCTIONING OF THE WING
    • E05F15/00Power-operated mechanisms for wings
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00182Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with unidirectional data transmission between data carrier and locks
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44Program or device authentication
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C2009/00753Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated by active electrical keys
    • G07C2009/00769Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated by active electrical keys with data transmission performed by wireless means

Definitions

  • the present invention relates to an authentication control system and a gateway device that perform authentication control when opening and closing a switching device.
  • Patent Document 1 discloses a device that acquires user identification information using a card reader, performs authentication based on the acquired identification information, and controls opening and closing of a gate (opening and closing device).
  • Patent Document 2 discloses a device that acquires user identification information using a barcode reader, performs authentication based on the acquired identification information, and controls opening / closing of a gate (opening / closing device).
  • the present invention provides an authentication control system and a gateway device that can improve user convenience when opening and closing the opening and closing device.
  • the authentication control system of the present invention is an authentication control system that controls opening and closing of a switching device.
  • the authentication control system includes a gateway device that is arranged in a home and has gateway identification information, and a server device that generates and provides authentication information.
  • the gateway device receives the mobile terminal identification information from the mobile terminal, and transmits the gateway identification information and the mobile terminal identification information to the server device.
  • a server apparatus produces
  • the authentication information is used for the portable terminal to transmit a gate opening signal for opening the opening / closing device to the opening / closing device.
  • the server device may manage the mobile terminal identification information in association with identification information of a predetermined switchgear among the plurality of switchgears.
  • the server device may generate authentication information for the identification information of the predetermined opening / closing device for the portable terminal identification information.
  • the server device may transmit the generated authentication information to the mobile terminal.
  • the authentication information may be invalidated when the gate opening signal is transmitted to the opening / closing device a predetermined number of times, and then validated again by communication between the mobile terminal and the gateway device.
  • the gateway device of the present invention is a gateway device that is arranged in a house and controls the opening and closing of the switchgear.
  • the gateway device receives the mobile terminal identification information from the mobile terminal, generates authentication information for the received mobile terminal identification information, and transmits the generated authentication information to the mobile terminal.
  • the authentication information is used for the portable terminal to transmit a gate opening signal for opening the opening / closing device to the opening / closing device.
  • the user can perform authentication for opening and closing the gate using the mobile terminal even at a location away from the gate. Therefore, user convenience is improved.
  • FIG. It is a figure which shows the functional structure of the authentication control system which concerns on Embodiment 1.
  • FIG. It is a figure which shows the functional structure of the portable terminal of the authentication control system which concerns on Embodiment 1.
  • FIG. It is a figure which shows the functional structure of the home GW of the authentication control system which concerns on Embodiment 1.
  • FIG. It is a figure which shows the functional structure of the server of the authentication control system which concerns on Embodiment 1.
  • FIG. It is a figure which shows the structure of the basic storage table which the memory
  • 5 is a flowchart for explaining the operation of a registration unit of the mobile terminal according to the first embodiment.
  • 5 is a flowchart for explaining the operation of the authentication control unit of the mobile terminal according to the first embodiment.
  • 6 is a flowchart illustrating an operation of a registration management unit of the home GW according to the first embodiment.
  • 6 is a flowchart illustrating an operation of a registration processing unit of the server according to the first embodiment.
  • 5 is a flowchart for explaining the operation of the authentication processing unit of the server according to the first embodiment.
  • FIG. 5 is a flowchart for explaining the operation of the opening / closing control unit of the server according to the first embodiment. It is a figure which shows the structure of the basic storage table which the memory
  • the present invention is for controlling the opening and closing of a gate, and provides an authentication control system and an authentication control method that can cope with a distance of several meters to several tens of meters and has high security.
  • FIG. 1 is a diagram showing a configuration of an authentication control system according to Embodiment 1 of the present invention.
  • the authentication control system of Embodiment 1 includes a home gateway 10 (hereinafter referred to as “home GW 10” as appropriate), a wireless access point 20 (hereinafter referred to as “wireless AP 20” as appropriate), and a router 30 in a user's dwelling unit.
  • the authentication control system also includes a wireless access point 40 (hereinafter referred to as “wireless AP 40” as appropriate) at the entrance gate and the parking lot gate of the apartment house.
  • the wireless access point 40 can output a signal for opening / closing control to the controller of each gate.
  • the authentication control system also includes a server 60 at a predetermined location.
  • the server 60, wireless AP 20, wireless AP 40, router 30, and home GW 10 are connected to a network such as a LAN or the Internet. In the present embodiment, authentication is possible using the user's portable terminal 70.
  • FIG. 2 is a diagram illustrating a functional configuration of the mobile terminal 70 of the authentication control system according to the first embodiment.
  • the mobile terminal 70 includes an entrance / exit authentication client 71 and a communication unit 72.
  • the entrance / exit authentication client 71 includes a storage unit 73, a registration unit 74, and an authentication control unit 75.
  • the mobile terminal 70 is a mobile phone terminal device such as a smartphone.
  • FIG. 3 is a diagram illustrating a functional configuration of the home GW 10 of the authentication control system according to the first embodiment.
  • the home GW 10 includes a storage unit 11, a registration management unit 12, and a communication unit 13.
  • the home GW 10 is a gateway device connected to a network such as a LAN.
  • FIG. 4 is a diagram illustrating a functional configuration of the server 60 of the authentication control system according to the first embodiment.
  • the server 60 includes an entrance / exit authentication server 61 and a communication unit 62.
  • the entrance / exit authentication server 61 includes a storage unit 63, a registration processing unit 64, an authentication processing unit 65, and an opening / closing control unit 66.
  • the server 60 receives access from the home GW 10, the mobile terminal 70, and the like via a network such as the Internet, and performs various controls for opening and closing the gate.
  • the function of the mobile terminal 70 shown in FIG. 2, the function of the home GW 10 shown in FIG. 3, and the function of the server 60 shown in FIG. 4 can be configured by an information processing apparatus having a calculation function.
  • the information processing apparatus includes a CPU, a memory, a communication interface, an operation unit, and the like.
  • the memory stores a program and data for enabling authentication control in the present embodiment.
  • the CPU executes these programs and data while exchanging signals with the communication interface, operation unit, display unit, etc., the function of the portable terminal 70 shown in FIG. 2, the function of the home GW 10 shown in FIG. 3, and FIG.
  • FIG. 5 is a diagram illustrating a configuration of a basic storage table stored in the storage unit 73 of the mobile terminal 70 according to the first embodiment.
  • the basic storage table of the storage unit 73 of the mobile terminal 70 includes the ID of the mobile terminal, the ID of the home GW, the authentication key, the address of the home wireless AP, the password of the home wireless AP, the address of the server, and the wireless AP 1 of the gate 1.
  • the address, the password of the wireless AP 1 of the gate 1, the address of the wireless AP 2 of the gate 2, the password of the wireless AP 2 of the gate 2 are recorded.
  • the address of the wireless AP and the password of the wireless AP of the gate are recorded for each of the third and more gates.
  • FIG. 6 is a diagram illustrating a configuration of a basic storage table stored in the storage unit 11 of the home GW 10 according to the first embodiment.
  • the ID of the home GW In the basic storage table of the storage unit 11 of the home GW 10, the ID of the home GW, the ID of the mobile terminal, the registration status (valid / invalid) of the mobile terminal, the server address, and authentication information with the server are recorded.
  • a plurality of portable terminal IDs and portable terminal registration states (valid / invalid) can be recorded. This is because a plurality of mobile terminals 70 may exist in one house.
  • FIG. 7 is a diagram illustrating a configuration of a basic storage table stored in the storage unit 63 of the server 60 according to the first embodiment.
  • the ID of the home GW1 of the dwelling unit 1 and the authentication information with the home GW1 of the dwelling unit 1 are recorded. Further, in the basic storage table of the storage unit 63 of the server 60, the ID of the portable terminal of the dwelling unit 1, the registration status (valid / invalid) of the portable terminal of the dwelling unit 1, and the authentication key of the portable terminal of the dwelling unit 1 are recorded. .
  • the basic storage table of the storage unit 63 of the server 60 can record a plurality of mobile terminal IDs and mobile terminal registration states (valid / invalid). This is because a plurality of mobile terminals may exist in one house.
  • the same items as those of the dwelling unit 1 can be recorded in the basic storage table of the storage unit 63 of the server 60 for a plurality of dwelling units.
  • the address of the wireless AP 1 of the gate 1 and the open / closed state of the gate 1 are recorded in the basic storage table of the storage unit 63 of the server 60.
  • the same items as those of the gate 1 can be recorded for each gate. .
  • the registration unit 74 of the entrance / exit authentication client 71 passes through the communication unit 72 of the mobile terminal 70. Then, a registration request is sent to the home GW 10 via the home wireless AP 20.
  • the registration request includes at least the ID (mobile terminal identification information) of the mobile terminal 70.
  • the home GW 10 stores the ID of the mobile terminal 70 received from the communication unit 13 by the registration management unit 12 and adds the ID (gateway identification information) of the home GW 10 itself to the server 60.
  • the registration processing unit 64 of the server 60 compares the received ID of the home GW 10 with the ID of the registered home GW 10 and, if successful, generates an authentication key. An address of the wireless AP 40 installed in the network and a list of passwords (authentication information) are returned to the home GW 10.
  • the registration processing unit 64 of the home GW 10 transmits the authentication key and the list of addresses and passwords of the wireless AP 40 to the mobile terminal 70.
  • the registration unit 74 of the portable terminal 70 stores the authentication key, the address of the wireless AP 40 and a list of passwords in the storage unit 73. This enables the authentication control unit 75 to operate.
  • the authentication control unit 75 of the entrance / exit authentication client 71 of the mobile terminal 70 is pushed by a resident when the mobile terminal 70 is within a predetermined distance from the gate. Then, the wireless AP 40 of the gate is authenticated using the wireless AP 40 password. If the authentication is successful, the authentication control unit 75 stores the ID of the mobile terminal 70 and the authentication key in the gate opening message and transmits them to the server 60.
  • the authentication processing unit 65 of the server 60 collates the ID and authentication key of the portable terminal 70 and transmits the collation result to the portable terminal 70 via the wireless AP 40.
  • the opening / closing control unit 66 of the server 60 succeeds in collating the ID and authentication key of the portable terminal 70, it transmits a gate open command to the wireless AP 40 and opens the corresponding gate.
  • FIG. 8 is a flowchart for explaining the operation of the registration unit 74 of the portable terminal 70 according to the first embodiment.
  • the registration unit 74 of the mobile terminal 70 connects to the home GW 10 (S11).
  • the registration unit 74 of the mobile terminal 70 transmits a registration request to the home GW 10 using the ID of the mobile terminal 70 (S12).
  • the registration unit 74 of the mobile terminal 70 receives a response from the home GW 10 (S13).
  • the registration unit 74 of the mobile terminal 70 determines whether the authentication key and the address and password of at least one wireless AP 40 have been received (S14).
  • the registration unit 74 of the mobile terminal 70 stores the authentication key and the address and password of the wireless AP 40 (S15).
  • the registration unit 74 of the mobile terminal 70 enables the authentication control unit 75 (S16).
  • the registration unit 74 of the mobile terminal 70 determines that the registration is successful (S17).
  • the registration unit 74 of the mobile terminal 70 determines that the registration has failed (S18).
  • FIG. 9 is a flowchart for explaining the operation of the authentication control unit 75 of the portable terminal 70 according to the first embodiment.
  • the authentication control unit 75 of the mobile terminal 70 sets the gate to be opened (S21).
  • the authentication control unit 75 of the mobile terminal 70 connects to the server 60 through authentication with the wireless AP 40 of the gate (S22).
  • the authentication control unit 75 of the mobile terminal 70 transmits an authentication key and gate identification information (name or number) (S23).
  • the authentication control unit 75 of the mobile terminal 70 receives the response from the server 60 (S24).
  • the authentication control unit 75 of the mobile terminal 70 determines whether an authentication success response has been received (S25).
  • the authentication control unit 75 of the mobile terminal 70 displays a screen indicating that the gate has been successfully opened.
  • the authentication control unit 75 of the mobile terminal 70 displays a screen indicating the gate opening failure.
  • FIG. 10 is a flowchart for explaining the operation of the registration management unit 12 of the home GW 10 according to the first embodiment.
  • the registration management unit 12 of the home GW 10 receives an entry / exit registration request from the mobile terminal 70 (S31).
  • the registration management unit 12 of the home GW 10 records the ID of the mobile terminal 70 (S32).
  • the registration management unit 12 of the home GW 10 transmits the ID of the mobile terminal 70, the ID of the home GW 10 itself, and server authentication information to the server 60 (S33).
  • the “server authentication information” is information for mutual authentication exchanged between the server 60 and the corresponding home GW 10 when the home GW 10 of the dwelling unit is registered in the server 60.
  • the “server authentication information” is, for example, a shared key or an authentication token.
  • the registration management unit 12 of the home GW 10 receives a response from the server 60 (S34).
  • the registration management unit 12 of the home GW 10 determines whether an authentication key and an address and password of at least one wireless AP 40 have been received (S35).
  • the registration management unit 12 of the home GW 10 adds the address of the server 60 to the response of the server 60 and transfers it to the portable terminal 70 (S36).
  • the registration management unit 12 of the home GW 10 effectively changes the registration state of the mobile terminal 70 (S37).
  • the registration management unit 12 of the home GW 10 transfers the response of the server 60 to the portable terminal 70 as it is (S38). .
  • FIG. 11 is a flowchart for explaining the operation of the registration processing unit 64 of the server 60 according to the first embodiment.
  • the registration processing unit 64 of the server 60 receives a registration request for the entrance / exit mobile terminal 70 from the home GW 10 (S41).
  • the registration processing unit 64 of the server 60 collates the ID and authentication information of the home GW 10 (S42).
  • the registration processing unit 64 of the server 60 determines whether the collation is successful (S43).
  • the registration processing unit 64 of the server 60 If the verification is successful (YES in S43), the registration processing unit 64 of the server 60 generates an authentication key and stores it together with the ID of the home GW 10 and the ID of the portable terminal 70 (S44).
  • the registration processing unit 64 of the server 60 transmits the authentication key and the address / password of the wireless AP 40 of each gate to the home GW 10 (S45).
  • the registration processing unit 64 of the server 60 returns a verification failure message (S46).
  • FIG. 12 is a flowchart for explaining the operation of the authentication processing unit 65 of the server 60 according to the first embodiment.
  • the authentication processing unit 65 of the server 60 receives a gate opening request from the mobile terminal 70 (S41).
  • the authentication processing unit 65 of the server 60 collates the authentication key included in the gate opening request with the ID of the portable terminal 70 (S52).
  • the authentication processing unit 65 of the server 60 determines whether the verification is successful (S53).
  • the authentication processing unit 65 of the server 60 returns a collation success message (S55).
  • the authentication processing unit 65 of the server 60 activates the opening / closing control unit 66 (S55).
  • the authentication processing unit 65 of the server 60 returns a collation failure message (S56).
  • FIG. 13 is a flowchart illustrating the operation of the open / close control unit 66 of the server 60 according to the first embodiment.
  • the open / close control unit 66 of the server 60 receives the gate identification information (S61).
  • the open / close control unit 66 of the server 60 transmits a gate open message to the wireless AP 40 of the corresponding gate (S62).
  • the opening / closing control unit 66 of the server 60 records an opening / closing control log (S63).
  • the home GW 10 may be a unique information facility in a dwelling unit, for example, a HEMS (Home Energy Management System) controller.
  • HEMS Home Energy Management System
  • the communication unit 72 of the mobile terminal 70 may use a wireless LAN, Bluetooth (registered trademark), or the like.
  • the ID of the mobile terminal 70 may be a serial number of the mobile terminal 70 body, a SIM ID, a MAC address, or the like.
  • the reply message from the server 60 in the case of successful registration may further include not only the address and password of the wireless AP 40 of each gate but also information such as the encryption communication method of the wireless AP 40.
  • the addresses of the wireless APs 20 and 40 those corresponding thereto, for example, the SSID (Service Set ID) of the wireless AP may be used.
  • the SSID Service Set ID
  • the opening / closing control unit 66 of the server 60 may perform gate opening / closing control through the gate opening / closing controller actually connected to the wireless AP 40.
  • the closing operation may be performed by transmitting a control message from the server 60, or may be left to an original closing function attached to the gate opening / closing controller.
  • the authentication control unit 75 of the mobile terminal 70 may re-execute from Step S21 depending on the communication status or the like after displaying the gate opening failure screen in Step S27 of the flowchart of FIG.
  • the registration management unit of the home GW 10 transmits the ID of the mobile terminal 70, the ID of the home GW 10 itself, and the server authentication information to the server 60 in step S33 of the flowchart of FIG. If security is separately guaranteed, server authentication information need not be transmitted.
  • the registration processing unit 64 of the server 60 generates an authentication key when the verification is successful in step S43 of the flowchart of FIG. 11, but when the second and subsequent portable terminals 70 are registered in the same unit, one unit is registered.
  • the authentication key generated at the time of registering the eyes may be used.
  • the authentication control system of this embodiment is an authentication control system that controls opening and closing of a gate (opening and closing device).
  • the authentication control system generates a home GW 10 (gateway device) having gateway identification information (ID of the home GW 10) and authentication information (authentication key, wireless AP 40 address and password, server 60 address) that is placed in the house.
  • a server 60 server device to be provided.
  • Home GW 10 receives mobile terminal identification information (ID of mobile terminal 70) from mobile terminal 70, and transmits gateway identification information and mobile terminal identification information to server 60.
  • the server 60 generates authentication information for the mobile terminal identification information by authenticating the gateway identification information received from the home GW 10.
  • the server 60 transmits the generated authentication information to the mobile terminal 70.
  • the authentication information is used for the portable terminal 70 to transmit a gate opening signal for opening the gate to the gate.
  • the user can perform authentication for opening and closing the gate using the mobile terminal 70 even at a place away from the gate. Therefore, user convenience is improved.
  • the registration processing unit 64 of the server 60 determines the address of the specific wireless AP 40 and its password based on the contract status of the dwelling unit and the request from the portable terminal 70. Or just reply to that list.
  • FIG. 2 is a diagram illustrating a configuration of a basic storage table stored in the storage unit 63 of the server 60 according to the second embodiment.
  • a list of gates that can be opened and closed is recorded in addition to the items of the basic storage table of the storage unit 63 of the server 60 of the first embodiment.
  • a plurality of mobile terminal IDs, mobile terminal registration states (valid / invalid), and openable / closable gate lists can be recorded. This is because a plurality of mobile terminals may exist in one house.
  • the registration processing unit 64 of the server 60 compares the received ID of the home GW 10 with the ID of the registered home GW 10 and, if successful, confirms the contract status of the corresponding unit and uses it.
  • a list of possible gates is transmitted to the mobile terminal 70 via the home GW 10.
  • the registration processing unit 64 of the server 60 returns it to the server 60 via the home GW 10.
  • the registration processing unit 64 of the server 60 generates an authentication key, and returns a list of the authentication key, the address of the wireless AP 40 installed at the gate selected by the resident, and its password.
  • the home GW 10 may also store a copy of the contract information of the dwelling unit and the list of available gates, and the mobile terminal 70 may acquire such information from the home GW 10.
  • the server 60 when a plurality of gates (opening / closing devices) are provided, the server 60 (server device) includes a plurality of gates in the mobile terminal identification information (ID of the mobile terminal 70).
  • the identification information (address) of a predetermined gate is associated and managed.
  • gateway identification information home GW 10 ID
  • portable terminal identification information are transmitted from the home GW 10
  • the server 60 authenticates authentication information (authentication key, wireless AP 40 address and password, server, server) 60 addresses) is generated for the mobile terminal identification information.
  • the server 60 transmits the generated authentication information to the mobile terminal 70.
  • a gate that can be opened and closed and a gate that cannot be opened can be set for the mobile terminal 70 according to the contract status of the dwelling unit and the intention of the resident. Therefore, unnecessary entrance / exit authentication control processing can be limited.
  • the home GW 10 not the server 60, generates an authentication key and transmits it to the mobile terminal 70.
  • FIG. 15 is a diagram illustrating a configuration of a basic storage table stored in the storage unit 11 of the home GW 10 according to the third embodiment.
  • an ID of the home GW In the basic storage table of the storage unit 11 of the home GW 10, an ID of the home GW, an ID of the mobile terminal, a registration state (valid / invalid), an authentication key, and a list of gates that can be opened and closed are recorded. Further, the address of the wireless AP 1 of the gate 1 and the password of the wireless AP 1 of the gate 1 are recorded in the basic storage table of the storage unit 11 of the home GW 10. A plurality of portable terminal IDs and portable terminal registration states (valid / invalid) can be recorded. This is because a plurality of mobile terminals may exist in one house. When there are a plurality of gates, the same items as those of the gate 1 can be recorded for each gate.
  • the registration management unit 12 of the home GW 10 stores the ID of the mobile terminal 70 received from the communication unit 13. In addition, the registration management unit 12 generates an authentication key, and returns to the portable terminal 70 the list of the authentication key, the address of the wireless AP 40 installed in the gate that can be passed by default and contract, and the password.
  • the registration unit 74 of the portable terminal 70 stores the authentication key, the wireless AP 40 address and a list of passwords in the storage unit 73. As a result, the authentication control unit 75 of the mobile terminal 70 can be operated.
  • the registration processing unit of the home GW 10 transmits to the server 60 a list of the registered mobile terminal 70 ID, authentication key, wireless AP 40 address, and password.
  • the registration processing unit 64 of the server 60 stores the ID of the mobile terminal 70, the authentication key, the address of the wireless AP 40, and a list of passwords in the storage unit 63.
  • FIG. 16 is a flowchart for explaining the operation of the registration management unit 12 of the home GW 10 according to the third embodiment.
  • the registration management unit 12 of the home GW 10 receives an entry / exit registration request from the mobile terminal 70 (S71).
  • the registration management unit 12 of the home GW 10 generates an authentication key and stores it together with the ID of the mobile terminal 70 (S72).
  • the registration management unit 12 of the home GW 10 transmits the authentication key and the address / password of the wireless AP 40 of the predetermined gate to the portable terminal 70 (S73).
  • the registration management unit 12 of the home GW 10 transmits the authentication key and the ID of the portable terminal 70 to the server 60 (S74).
  • the registration management unit 12 of the home GW 10 effectively changes the registration state of the mobile terminal 70 (S75).
  • FIG. 17 is a flowchart for explaining the operation of the registration processing unit 64 of the server 60 according to the third embodiment.
  • the registration processing unit 64 of the server 60 receives a registration request for the entrance / exit mobile terminal 70 from the home GW 10 (S81).
  • the registration processing unit 64 of the server 60 stores the authentication key and the address / password of the wireless AP 40 included in the registration request together with the ID of the home GW 10 and the ID of the portable terminal 70 (S82).
  • the home GW 10 may not acquire the wireless AP 40 of each gate and its password, and may acquire it from the server 60 when there is a registration request from the mobile terminal 70.
  • the home GW 10 of the present embodiment is a gateway device that is arranged in a house and controls the opening and closing of a gate (opening / closing device).
  • the home GW 10 receives mobile terminal identification information (ID of the mobile terminal 70) from the mobile terminal 70, and generates authentication information (authentication key, wireless AP 40 address and password, server 60 address) for the received mobile terminal identification information. Then, the generated authentication information is transmitted to the mobile terminal 70.
  • the authentication information is used for the portable terminal 70 to transmit a gate opening signal for opening the gate to the gate.
  • the processing load of the server 60 relating to registration and authentication key generation can be distributed to the home GW 10. Therefore, acquisition, validation / invalidation of the user authentication key can be performed quickly.
  • the authentication processing unit 65 of the server 60 receives a gate opening request from the mobile terminal 70 a predetermined number of times, the authentication processing unit 65 invalidates the authentication key of the mobile terminal 70, that is, the registration state. As a result, the authentication control unit 75 of the portable terminal 70 becomes inoperable.
  • the registration unit 74 of the mobile terminal 70 transmits a re-registration request to the home GW 10. Then, the registration management unit 12 of the home GW 10 transfers a re-registration request to the server 60.
  • the registration processing unit 64 of the server 60 When receiving the re-registration request, the registration processing unit 64 of the server 60 changes the authentication key of the mobile terminal 70, that is, the registration state to be valid.
  • the authentication key may be invalidated if it is not used for a predetermined time.
  • Authentication key may be used for gate opening operation only for first entry and first entry. In other words, authentication control may be performed using the mobile terminal 70 and the authentication key even at the entrance.
  • the home GW 10 may be provided with a function for invalidating registration of the mobile terminal 70.
  • the authentication information becomes invalid when the gate opening signal is transmitted to the gate (opening / closing device) a predetermined number of times, and then the mobile terminal 70 and the home GW 10 communicate with each other. It becomes effective again.
  • authentication control that causes a computer (information processing device) to function as a server 60 (server device) that generates and provides authentication information in an authentication control system that controls opening and closing of a gate (opening and closing device).
  • a program is provided.
  • the authentication control system The home GW 10 (gateway device) is provided in the house and has gateway identification information (ID of the home GW 10).
  • Home GW10 Mobile terminal identification information (ID of the mobile terminal 70) is received from the mobile terminal 70, and the gateway identification information and the mobile terminal identification information are transmitted to the server 60.
  • the authentication information is used for the portable terminal 70 to transmit a gate opening signal for opening the gate to the gate.
  • the authentication control program Generating authentication information for the mobile terminal identification information by authenticating the gateway identification information received from the home GW 10;
  • the generated authentication information is caused to function as a server 60 that transmits to the mobile terminal.
  • the authentication control method and program of the present invention are embodied in the first, second, and fourth embodiments and their modifications.
  • the program may be provided in a state stored in a storage medium.

Abstract

This authentication control system controls the opening and closing of a gate. The authentication control system is provided with: a home GW (10) which is disposed in a home, and which is provided with gateway identification information (a home-GW (10) ID); and a server (60) which generates and provides authentication information (an authentication key, the address and password for a wireless AP (40), and the address for the server (60)). The home GW (10) receives, from a mobile terminal (70), mobile-terminal identification information (a mobile-terminal (70) ID), and transmits the gateway identification information and the mobile-terminal identification information to the server (60). The server (60) generates authentication information for the mobile-terminal identification information by authenticating the gateway identification information received from the home GW (10), and transmits the generated authentication information to the mobile terminal (70). The authentication information is used by the mobile terminal (70) to transmit, to the gate, a gate-opening signal for opening the gate.

Description

認証制御システム、ゲートウェイ装置Authentication control system, gateway device
 本発明は、開閉装置の開閉時の認証制御を行う認証制御システム及びゲートウェイ装置に関する。 The present invention relates to an authentication control system and a gateway device that perform authentication control when opening and closing a switching device.
 特許文献1には、カードリーダを利用してユーザの識別情報を取得し、取得した識別情報に基づいて認証を行い、ゲート(開閉装置)の開閉制御を行う装置が開示されている。 Patent Document 1 discloses a device that acquires user identification information using a card reader, performs authentication based on the acquired identification information, and controls opening and closing of a gate (opening and closing device).
 特許文献2には、バーコードリーダを利用してユーザの識別情報を取得し、取得した識別情報に基づいて認証を行い、ゲート(開閉装置)の開閉制御を行う装置が開示されている。 Patent Document 2 discloses a device that acquires user identification information using a barcode reader, performs authentication based on the acquired identification information, and controls opening / closing of a gate (opening / closing device).
特開2006―251934号公報JP 2006-251934 A 特開2011―76520号公報JP 2011-76520 A
 特許文献1、2のいずれの装置においても、ユーザ認証のために、ユーザはリーダの近くまで行く必要がある。 In any of the devices disclosed in Patent Documents 1 and 2, the user needs to go close to the reader for user authentication.
 本発明は、開閉装置の開閉時のユーザの利便性を向上可能な認証制御システム及びゲートウェイ装置を提供する。 The present invention provides an authentication control system and a gateway device that can improve user convenience when opening and closing the opening and closing device.
 本発明の認証制御システムは、開閉装置の開閉を制御する認証制御システムである。認証制御システムは、宅内に配置され、ゲートウェイ識別情報を有するゲートウェイ装置と、認証情報を生成して提供するサーバ装置と、を備える。ゲートウェイ装置は、携帯端末から携帯端末識別情報を受信し、ゲートウェイ識別情報及び携帯端末識別情報をサーバ装置へ送信する。サーバ装置は、ゲートウェイ装置から受信したゲートウェイ識別情報を認証することによって携帯端末識別情報に対する認証情報を生成し、生成した認証情報を携帯端末に送信する。認証情報は、携帯端末が、開閉装置に開閉装置を開くためのゲート開信号を送信するために使用される。 The authentication control system of the present invention is an authentication control system that controls opening and closing of a switching device. The authentication control system includes a gateway device that is arranged in a home and has gateway identification information, and a server device that generates and provides authentication information. The gateway device receives the mobile terminal identification information from the mobile terminal, and transmits the gateway identification information and the mobile terminal identification information to the server device. A server apparatus produces | generates the authentication information with respect to portable terminal identification information by authenticating the gateway identification information received from the gateway apparatus, and transmits the produced | generated authentication information to a portable terminal. The authentication information is used for the portable terminal to transmit a gate opening signal for opening the opening / closing device to the opening / closing device.
 複数の開閉装置が設けられている場合に、サーバ装置は、携帯端末識別情報に複数の開閉装置のうちの所定の開閉装置の識別情報を対応付けて管理してもよい。サーバ装置は、ゲートウェイ装置からゲートウェイ識別情報及び携帯端末識別情報が送信されてきたときに、所定の開閉装置の識別情報に対する認証情報を携帯端末識別情報に対して生成してもよい。サーバ装置は、生成した認証情報を携帯端末に送信してもよい。 When a plurality of switchgears are provided, the server device may manage the mobile terminal identification information in association with identification information of a predetermined switchgear among the plurality of switchgears. When the gateway identification information and the portable terminal identification information are transmitted from the gateway device, the server device may generate authentication information for the identification information of the predetermined opening / closing device for the portable terminal identification information. The server device may transmit the generated authentication information to the mobile terminal.
 認証情報は、開閉装置にゲート開信号が所定回数送信されたときに無効となり、その後、携帯端末とゲートウェイ装置とが通信することによって再度有効となってもよい。 The authentication information may be invalidated when the gate opening signal is transmitted to the opening / closing device a predetermined number of times, and then validated again by communication between the mobile terminal and the gateway device.
 本発明のゲートウェイ装置は、宅内に配置され、開閉装置の開閉を制御するゲートウェイ装置である。ゲートウェイ装置は、携帯端末から携帯端末識別情報を受信し、受信した携帯端末識別情報に対する認証情報を生成し、生成した認証情報を携帯端末に送信する。認証情報は、携帯端末が、開閉装置に、開閉装置を開くためのゲート開信号を送信するために使用される。 The gateway device of the present invention is a gateway device that is arranged in a house and controls the opening and closing of the switchgear. The gateway device receives the mobile terminal identification information from the mobile terminal, generates authentication information for the received mobile terminal identification information, and transmits the generated authentication information to the mobile terminal. The authentication information is used for the portable terminal to transmit a gate opening signal for opening the opening / closing device to the opening / closing device.
 本発明によれば、ユーザは、ゲートから離れた場所においても、携帯端末を利用して、ゲートの開閉のための認証を行うことができる。そのため、ユーザの利便性が向上する。 According to the present invention, the user can perform authentication for opening and closing the gate using the mobile terminal even at a location away from the gate. Therefore, user convenience is improved.
実施形態1に係る認証制御システムの機能的構成を示す図である。It is a figure which shows the functional structure of the authentication control system which concerns on Embodiment 1. FIG. 実施形態1に係る認証制御システムの携帯端末の機能的構成を示す図である。It is a figure which shows the functional structure of the portable terminal of the authentication control system which concerns on Embodiment 1. FIG. 実施形態1に係る認証制御システムのホームGWの機能的構成を示す図である。It is a figure which shows the functional structure of the home GW of the authentication control system which concerns on Embodiment 1. FIG. 実施形態1に係る認証制御システムのサーバの機能的構成を示す図である。It is a figure which shows the functional structure of the server of the authentication control system which concerns on Embodiment 1. FIG. 実施形態1に係る携帯端末の記憶部が記憶する基本記憶テーブルの構成を示す図である。It is a figure which shows the structure of the basic storage table which the memory | storage part of the portable terminal which concerns on Embodiment 1 memorize | stores. 実施形態1に係るホームGWの記憶部が記憶する基本記憶テーブルの構成を示す図である。It is a figure which shows the structure of the basic storage table which the memory | storage part of the home GW which concerns on Embodiment 1 memorize | stores. 実施形態1に係るサーバの記憶部が記憶する基本記憶テーブルの構成を示す図である。It is a figure which shows the structure of the basic storage table which the memory | storage part of the server which concerns on Embodiment 1 memorize | stores. 実施形態1に係る携帯端末の登録部の動作を説明するフローチャートである。5 is a flowchart for explaining the operation of a registration unit of the mobile terminal according to the first embodiment. 実施形態1に係る携帯端末の認証制御部の動作を説明するフローチャートである。5 is a flowchart for explaining the operation of the authentication control unit of the mobile terminal according to the first embodiment. 実施形態1に係るホームGWの登録管理部の動作を説明するフローチャートである。6 is a flowchart illustrating an operation of a registration management unit of the home GW according to the first embodiment. 実施形態1に係るサーバの登録処理部の動作を説明するフローチャートである。6 is a flowchart illustrating an operation of a registration processing unit of the server according to the first embodiment. 実施形態1に係るサーバの認証処理部の動作を説明するフローチャートである。5 is a flowchart for explaining the operation of the authentication processing unit of the server according to the first embodiment. 実施形態1に係るサーバの開閉制御部の動作を説明するフローチャートである。5 is a flowchart for explaining the operation of the opening / closing control unit of the server according to the first embodiment. 実施形態2に係るサーバの記憶部が記憶する基本記憶テーブルの構成を示す図である。It is a figure which shows the structure of the basic storage table which the memory | storage part of the server which concerns on Embodiment 2 memorize | stores. 実施形態3に係るホームGWの記憶部が記憶する基本記憶テーブルの構成を示す図である。It is a figure which shows the structure of the basic storage table which the memory | storage part of the home GW which concerns on Embodiment 3 memorize | stores. 実施形態3に係るホームGWの登録管理部の動作を説明するフローチャートである。10 is a flowchart illustrating an operation of a registration management unit of a home GW according to the third embodiment. 実施形態3に係るサーバの登録処理部の動作を説明するフローチャートである。10 is a flowchart illustrating an operation of a registration processing unit of a server according to the third embodiment.
 本発明の実施形態について説明する。 Embodiments of the present invention will be described.
(発明の背景)
 従来、集合住宅の共通ゲート、例えば、エントランスゲート、駐車場ゲートや他公用施設のゲート・ドアの開閉には、各ゲート用のリモコンキーやカードを使う必要がある。また、リモコンキーやカードを利用するためには、これらを発行してもらう必要がある。また、リモコンキーやカードの紛失時には、無効化と追加発行が必要である。つまり、リモコンキーやカードの利用に際しては、複雑な手続きが必要であり時間もかかる。 (Background of the Invention)
Conventionally, it is necessary to use a remote control key and a card for each gate to open and close a common gate of an apartment, for example, an entrance gate, a parking gate, and a gate / door of another public facility. In order to use remote control keys and cards, it is necessary to have these issued. Also, if the remote control key or card is lost, it must be invalidated and additionally issued. That is, when using a remote control key or a card, a complicated procedure is required and takes time.
 集合住宅の共通ゲートの開閉の認証のため、IC認証や生体認証を用いる技術が存在する。しかし、IC認証や生体認証においては、ユーザがリーダ(センサ)の近くに接近しないと、リーダ(センサ)が認証情報を取得できない。つまり、ユーザが、リーダ(センサ)から、例えば数メートルから数十メートル離れた遠い位置にいるときには、対応できないという欠点がある。 There are technologies that use IC authentication or biometric authentication to authenticate the opening and closing of common gates in apartment buildings. However, in IC authentication and biometric authentication, the reader (sensor) cannot acquire authentication information unless the user approaches the reader (sensor). That is, there is a drawback that it is impossible to cope with when the user is at a position far from the reader (sensor), for example, several meters to several tens of meters.
 本発明は、ゲートの開閉を制御するためのものであり、数メートルから数十メートルの距離にも対応でき、かつ高いセキュリティ性を有する認証制御システム及び認証制御方法を提供する。 The present invention is for controlling the opening and closing of a gate, and provides an authentication control system and an authentication control method that can cope with a distance of several meters to several tens of meters and has high security.
 具体的に、(1)携帯端末(スマートフォン等)を利用して集合住宅等の各種のゲートの開閉制御が出来るソフトウェア及びシステムを提供する。
(2)開閉制御用の認証キー等をユーザ(住人)自身で取得・更新出来る仕組みを提供する。
(3)携帯端末の紛失時等の無効化処理をユーザ(住人)自身で行える機能を提供する。
(4)セキュリティ性の高い(なりすまし、不正侵入などの防止が可能な)認証制御方法を提供する。 Specifically, (1) Software and a system capable of controlling opening and closing of various gates such as a housing complex using a mobile terminal (smartphone or the like) are provided.
(2) Provide a mechanism by which the user (resident) himself can acquire and update an authentication key for opening / closing control.
(3) Provide a function that allows the user (resident) to perform invalidation processing when the mobile terminal is lost.
(4) To provide an authentication control method with high security (which can prevent impersonation and unauthorized intrusion).
(実施形態1)
1.構成
 図1は、本発明の実施形態1に係る認証制御システムの構成を示す図である。 (Embodiment 1)
1. Configuration FIG. 1 is a diagram showing a configuration of an authentication control system according to Embodiment 1 of the present invention.
 実施形態1の認証制御システムは、ユーザの住戸に、ホームゲートウェイ10(以下適宜「ホームGW10」という)、無線アクセスポイント20(以下適宜「無線AP20」という)、ルータ30を備える。また、認証制御システムは、集合住宅のエントランスゲート及び駐車場ゲートにそれぞれ無線アクセスポイント40(以下適宜「無線AP40」という)を備える。無線アクセスポイント40は、各ゲートのコントローラに開閉制御のための信号を出力することができる。また、認証制御システムは、所定の場所にサーバ60を備える。サーバ60、無線AP20、無線AP40、ルータ30、ホームGW10は、LAN、インターネット等のネットワークに接続されている。本実施形態では、ユーザの携帯端末70を用いて認証を可能としている。 The authentication control system of Embodiment 1 includes a home gateway 10 (hereinafter referred to as “home GW 10” as appropriate), a wireless access point 20 (hereinafter referred to as “wireless AP 20” as appropriate), and a router 30 in a user's dwelling unit. The authentication control system also includes a wireless access point 40 (hereinafter referred to as “wireless AP 40” as appropriate) at the entrance gate and the parking lot gate of the apartment house. The wireless access point 40 can output a signal for opening / closing control to the controller of each gate. The authentication control system also includes a server 60 at a predetermined location. The server 60, wireless AP 20, wireless AP 40, router 30, and home GW 10 are connected to a network such as a LAN or the Internet. In the present embodiment, authentication is possible using the user's portable terminal 70.
 図2は、実施形態1に係る認証制御システムの携帯端末70の機能的構成を示す図である。 FIG. 2 is a diagram illustrating a functional configuration of the mobile terminal 70 of the authentication control system according to the first embodiment.
 携帯端末70は、入出門認証クライアント71、通信部72を有する。入出門認証クライアント71は、記憶部73、登録部74、認証制御部75を有する。携帯端末70は、例えばスマートフォン等の携帯電話端末装置である。 The mobile terminal 70 includes an entrance / exit authentication client 71 and a communication unit 72. The entrance / exit authentication client 71 includes a storage unit 73, a registration unit 74, and an authentication control unit 75. The mobile terminal 70 is a mobile phone terminal device such as a smartphone.
 図3は、実施形態1に係る認証制御システムのホームGW10の機能的構成を示す図である。 FIG. 3 is a diagram illustrating a functional configuration of the home GW 10 of the authentication control system according to the first embodiment.
 ホームGW10は、記憶部11、登録管理部12、通信部13を有する。ホームGW10は、LAN等のネットワークに接続されたゲートウェイ装置である。 The home GW 10 includes a storage unit 11, a registration management unit 12, and a communication unit 13. The home GW 10 is a gateway device connected to a network such as a LAN.
 図4は、実施形態1に係る認証制御システムのサーバ60の機能的構成を示す図である。 FIG. 4 is a diagram illustrating a functional configuration of the server 60 of the authentication control system according to the first embodiment.
 サーバ60は、入出門認証サーバ61、通信部62を有する。入出門認証サーバ61は、記憶部63、登録処理部64、認証処理部65、開閉制御部66を有する。サーバ60は、インターネット等のネットワークを介したホームGW10、携帯端末70等からのアクセスを受け付け、ゲートの開閉のための種々の制御等を行う。 The server 60 includes an entrance / exit authentication server 61 and a communication unit 62. The entrance / exit authentication server 61 includes a storage unit 63, a registration processing unit 64, an authentication processing unit 65, and an opening / closing control unit 66. The server 60 receives access from the home GW 10, the mobile terminal 70, and the like via a network such as the Internet, and performs various controls for opening and closing the gate.
 図2に示す携帯端末70の機能、図3に示すホームGW10の機能、図4に示すサーバ60の機能は、演算機能を有する情報処理装置により構成可能である。情報処理装置は、CPU、メモリ、通信インタフェース、操作部等を有する。メモリには、本実施形態における認証制御を実行可能とするためのプログラムやデータが記憶されている。これらのプログラムやデータを、CPUが通信インタフェース、操作部、表示部等と信号を授受しつつ実行することにより、図2に示す携帯端末70の機能、図3に示すホームGW10の機能、図4に示すサーバ60の機能が実現される。 The function of the mobile terminal 70 shown in FIG. 2, the function of the home GW 10 shown in FIG. 3, and the function of the server 60 shown in FIG. 4 can be configured by an information processing apparatus having a calculation function. The information processing apparatus includes a CPU, a memory, a communication interface, an operation unit, and the like. The memory stores a program and data for enabling authentication control in the present embodiment. When the CPU executes these programs and data while exchanging signals with the communication interface, operation unit, display unit, etc., the function of the portable terminal 70 shown in FIG. 2, the function of the home GW 10 shown in FIG. 3, and FIG. The function of the server 60 shown in FIG.
 図5は、実施形態1に係る携帯端末70の記憶部73が記憶する基本記憶テーブルの構成を示す図である。 FIG. 5 is a diagram illustrating a configuration of a basic storage table stored in the storage unit 73 of the mobile terminal 70 according to the first embodiment.
 携帯端末70の記憶部73の基本記憶テーブルには、当該携帯端末のID、ホームGWのID、認証キー、自宅無線APのアドレス、自宅無線APのパスワード、サーバのアドレス、ゲート1の無線AP1のアドレス、ゲート1の無線AP1のパスワード、ゲート2の無線AP2のアドレス、ゲート2の無線AP2のパスワード等が記録されている。ゲートが2個以上ある場合は、3個目以上のゲートのそれぞれについて、無線APのアドレス、ゲートの無線APのパスワードが記録されている。 The basic storage table of the storage unit 73 of the mobile terminal 70 includes the ID of the mobile terminal, the ID of the home GW, the authentication key, the address of the home wireless AP, the password of the home wireless AP, the address of the server, and the wireless AP 1 of the gate 1. The address, the password of the wireless AP 1 of the gate 1, the address of the wireless AP 2 of the gate 2, the password of the wireless AP 2 of the gate 2 are recorded. When there are two or more gates, the address of the wireless AP and the password of the wireless AP of the gate are recorded for each of the third and more gates.
 図6は、実施形態1に係るホームGW10の記憶部11が記憶する基本記憶テーブルの構成を示す図である。 FIG. 6 is a diagram illustrating a configuration of a basic storage table stored in the storage unit 11 of the home GW 10 according to the first embodiment.
 ホームGW10の記憶部11の基本記憶テーブルには、当該ホームGWのID、携帯端末のID、携帯端末の登録状態(有効/無効)、サーバのアドレス、サーバとの認証情報が記録されている。ホームGW10の記憶部11の基本記憶テーブルには、携帯端末のID、携帯端末の登録状態(有効/無効)を複数記録可能である。1つの住宅に複数台の携帯端末70が存在することがあるからである。 In the basic storage table of the storage unit 11 of the home GW 10, the ID of the home GW, the ID of the mobile terminal, the registration status (valid / invalid) of the mobile terminal, the server address, and authentication information with the server are recorded. In the basic storage table of the storage unit 11 of the home GW 10, a plurality of portable terminal IDs and portable terminal registration states (valid / invalid) can be recorded. This is because a plurality of mobile terminals 70 may exist in one house.
 図7は、実施形態1に係るサーバ60の記憶部63が記憶する基本記憶テーブルの構成を示す図である。 FIG. 7 is a diagram illustrating a configuration of a basic storage table stored in the storage unit 63 of the server 60 according to the first embodiment.
 サーバ60の記憶部63の基本記憶テーブルには、住戸1のホームGW1のID、住戸1のホームGW1との認証情報が記録されている。また、サーバ60の記憶部63の基本記憶テーブルには、住戸1の携帯端末のID、住戸1の携帯端末の登録状態(有効/無効)、住戸1の携帯端末の認証キーが記録されている。サーバ60の記憶部63の基本記憶テーブルには、携帯端末のID、携帯端末の登録状態(有効/無効)を複数記録可能である。1つの住宅に複数台の携帯端末が存在することがあるからである。 In the basic storage table of the storage unit 63 of the server 60, the ID of the home GW1 of the dwelling unit 1 and the authentication information with the home GW1 of the dwelling unit 1 are recorded. Further, in the basic storage table of the storage unit 63 of the server 60, the ID of the portable terminal of the dwelling unit 1, the registration status (valid / invalid) of the portable terminal of the dwelling unit 1, and the authentication key of the portable terminal of the dwelling unit 1 are recorded. . The basic storage table of the storage unit 63 of the server 60 can record a plurality of mobile terminal IDs and mobile terminal registration states (valid / invalid). This is because a plurality of mobile terminals may exist in one house.
 また、サーバ60の記憶部63の基本記憶テーブルには、複数戸の住戸に関して、上記住戸1と同様の項目を記録可能である。 Moreover, the same items as those of the dwelling unit 1 can be recorded in the basic storage table of the storage unit 63 of the server 60 for a plurality of dwelling units.
 また、サーバ60の記憶部63の基本記憶テーブルには、ゲート1の無線AP1のアドレス、ゲート1の開閉状態が記録されている。ゲートが複数存在する場合は、ゲート毎にゲート1と同様の項目を記録可能である。         Further, the address of the wireless AP 1 of the gate 1 and the open / closed state of the gate 1 are recorded in the basic storage table of the storage unit 63 of the server 60. When there are a plurality of gates, the same items as those of the gate 1 can be recorded for each gate. .
2.動作
2-1.概要
 本実施形態の認証制御システムの動作の概要を説明する。なお、(1)~(7)は、図1における丸印の1~7に対応する。 2. Operation 2-1. Outline An outline of the operation of the authentication control system of this embodiment will be described. Note that (1) to (7) correspond to circles 1 to 7 in FIG.
(1)住人により、携帯端末70にインストールされている入出門認証クライアント71が起動され、登録が選択されると、入出門認証クライアント71の登録部74は、携帯端末70の通信部72を介して宅内の無線AP20経由でホームGW10に登録要求を送る。登録要求には少なくとも携帯端末70のID(携帯端末識別情報)が含まれる。 (1) When the entrance / exit authentication client 71 installed in the mobile terminal 70 is activated by the resident and registration is selected, the registration unit 74 of the entrance / exit authentication client 71 passes through the communication unit 72 of the mobile terminal 70. Then, a registration request is sent to the home GW 10 via the home wireless AP 20. The registration request includes at least the ID (mobile terminal identification information) of the mobile terminal 70.
(2)ホームGW10は、通信部13から受信した携帯端末70のIDを登録管理部12によって記憶するとともに、ホームGW10自身のID(ゲートウェイ識別情報)を加えてサーバ60に転送する。 (2) The home GW 10 stores the ID of the mobile terminal 70 received from the communication unit 13 by the registration management unit 12 and adds the ID (gateway identification information) of the home GW 10 itself to the server 60.
(3)サーバ60の登録処理部64は、受信したホームGW10のIDを、登録されている住戸のホームGW10のIDと照合し、成功すれば、認証キーを生成し、認証キーと、各ゲートに設置されている無線AP40のアドレスとそのパスワードのリスト(認証情報)をホームGW10に返信する。 (3) The registration processing unit 64 of the server 60 compares the received ID of the home GW 10 with the ID of the registered home GW 10 and, if successful, generates an authentication key. An address of the wireless AP 40 installed in the network and a list of passwords (authentication information) are returned to the home GW 10.
(4)ホームGW10の登録処理部64は、認証キーと、無線AP40のアドレス及びパスワードのリストを携帯端末70に送信する。携帯端末70の登録部74は、認証キーと、無線AP40のアドレスとそのパスワードのリストを記憶部73に記憶する。これにより、認証制御部75を動作可能とさせる。 (4) The registration processing unit 64 of the home GW 10 transmits the authentication key and the list of addresses and passwords of the wireless AP 40 to the mobile terminal 70. The registration unit 74 of the portable terminal 70 stores the authentication key, the address of the wireless AP 40 and a list of passwords in the storage unit 73. This enables the authentication control unit 75 to operate.
(5)携帯端末70がゲートから所定距離の範囲内にあるときに、住人により携帯端末70の入出門認証クライアント71のゲート開ボタンが押されると、入出門認証クライアント71の認証制御部75は、当該ゲートの無線AP40に対して当該無線AP40のパスワードを用いて認証する。認証が成功すると、認証制御部75は、携帯端末70のIDと認証キーをゲート開メッセージに格納してサーバ60に送信する。 (5) When the gate opening button of the entrance / exit authentication client 71 of the mobile terminal 70 is pushed by a resident when the mobile terminal 70 is within a predetermined distance from the gate, the authentication control unit 75 of the entrance / exit authentication client 71 is Then, the wireless AP 40 of the gate is authenticated using the wireless AP 40 password. If the authentication is successful, the authentication control unit 75 stores the ID of the mobile terminal 70 and the authentication key in the gate opening message and transmits them to the server 60.
(6)サーバ60の認証処理部65は、携帯端末70のID、認証キーを照合し、照合結果を無線AP40経由で携帯端末70に送信する。 (6) The authentication processing unit 65 of the server 60 collates the ID and authentication key of the portable terminal 70 and transmits the collation result to the portable terminal 70 via the wireless AP 40.
(7)サーバ60の開閉制御部66は、携帯端末70のID、認証キーの照合に成功した場合、無線AP40にゲート開コマンドを送信し、該当ゲートを開く。 (7) When the opening / closing control unit 66 of the server 60 succeeds in collating the ID and authentication key of the portable terminal 70, it transmits a gate open command to the wireless AP 40 and opens the corresponding gate.
2-2.携帯端末の登録部の動作
 図8は、実施形態1に係る携帯端末70の登録部74の動作を説明するフローチャートである。 2-2. Operation of Registration Unit of Portable Terminal FIG. 8 is a flowchart for explaining the operation of the registration unit 74 of the portable terminal 70 according to the first embodiment.
 携帯端末70の登録部74は、ホームGW10に接続する(S11)。 The registration unit 74 of the mobile terminal 70 connects to the home GW 10 (S11).
 携帯端末70の登録部74は、当該携帯端末70のIDを用いてホームGW10に登録要求を送信する(S12)。 The registration unit 74 of the mobile terminal 70 transmits a registration request to the home GW 10 using the ID of the mobile terminal 70 (S12).
 携帯端末70の登録部74は、ホームGW10からの応答を受信する(S13)。 The registration unit 74 of the mobile terminal 70 receives a response from the home GW 10 (S13).
 携帯端末70の登録部74は、認証キー、及び、少なくとも1つの無線AP40のアドレス及びパスワードを受信したか判定する(S14)。 The registration unit 74 of the mobile terminal 70 determines whether the authentication key and the address and password of at least one wireless AP 40 have been received (S14).
 認証キー、及び、少なくとも1つの無線AP40のアドレス及びパスワードを受信した場合(S14でYES)、携帯端末70の登録部74は、認証キー、及び無線AP40のアドレス及びパスワードを保存する(S15)。 When the authentication key and the address and password of at least one wireless AP 40 are received (YES in S14), the registration unit 74 of the mobile terminal 70 stores the authentication key and the address and password of the wireless AP 40 (S15).
 携帯端末70の登録部74は、認証制御部75を動作可能にする(S16)。 The registration unit 74 of the mobile terminal 70 enables the authentication control unit 75 (S16).
 携帯端末70の登録部74は、登録が成功したと判断する(S17)。 The registration unit 74 of the mobile terminal 70 determines that the registration is successful (S17).
 認証キー、及び、少なくとも1つの無線AP40のアドレス及びパスワードを受信していない場合(S14でNO)、携帯端末70の登録部74は、登録が失敗したと判断する(S18)。 If the authentication key and the address and password of at least one wireless AP 40 have not been received (NO in S14), the registration unit 74 of the mobile terminal 70 determines that the registration has failed (S18).
2-3.携帯端末の認証制御部の動作
 図9は、実施形態1に係る携帯端末70の認証制御部75の動作を説明するフローチャートである。 2-3. Operation of Authentication Control Unit of Portable Terminal FIG. 9 is a flowchart for explaining the operation of the authentication control unit 75 of the portable terminal 70 according to the first embodiment.
 ユーザにより対象のゲートが選択されると、携帯端末70の認証制御部75は、開くゲートを設定する(S21)。 When the target gate is selected by the user, the authentication control unit 75 of the mobile terminal 70 sets the gate to be opened (S21).
 携帯端末70の認証制御部75は、当該ゲートの無線AP40との認証を経てサーバ60に接続する(S22)。 The authentication control unit 75 of the mobile terminal 70 connects to the server 60 through authentication with the wireless AP 40 of the gate (S22).
 携帯端末70の認証制御部75は、認証キーとゲート識別情報(名称あるいは番号)を送信する(S23)。 The authentication control unit 75 of the mobile terminal 70 transmits an authentication key and gate identification information (name or number) (S23).
 携帯端末70の認証制御部75は、サーバ60からの応答を受信する(S24)。 The authentication control unit 75 of the mobile terminal 70 receives the response from the server 60 (S24).
 携帯端末70の認証制御部75は、認証成功の応答を受信したか判定する(S25)。 The authentication control unit 75 of the mobile terminal 70 determines whether an authentication success response has been received (S25).
 認証成功の応答を受信した場合(S25でYES)、携帯端末70の認証制御部75は、ゲート開成功の画面を表示する。 When the authentication success response is received (YES in S25), the authentication control unit 75 of the mobile terminal 70 displays a screen indicating that the gate has been successfully opened.
 認証成功の応答を受信していない場合(S25でNO)、携帯端末70の認証制御部75は、ゲート開失敗の画面を表示する。 If the authentication success response has not been received (NO in S25), the authentication control unit 75 of the mobile terminal 70 displays a screen indicating the gate opening failure.
2-4.ホームGWの登録管理部の動作
 図10は、実施形態1に係るホームGW10の登録管理部12の動作を説明するフローチャートである。 2-4. Operation of Registration Management Unit of Home GW FIG. 10 is a flowchart for explaining the operation of the registration management unit 12 of the home GW 10 according to the first embodiment.
 ホームGW10の登録管理部12は、携帯端末70から入出門用の登録要求を受信する(S31)。 The registration management unit 12 of the home GW 10 receives an entry / exit registration request from the mobile terminal 70 (S31).
 ホームGW10の登録管理部12は、携帯端末70のIDを記録する(S32)。 The registration management unit 12 of the home GW 10 records the ID of the mobile terminal 70 (S32).
 ホームGW10の登録管理部12は、携帯端末70のID、ホームGW10自身のID、及びサーバ認証情報をサーバ60に送信する(S33)。「サーバ認証情報」とは、住戸のホームGW10がサーバ60に登録された際に、サーバ60と該当ホームGW10との間で交換された相互認証用の情報である。「サーバ認証情報」は、例えば、共用鍵や認証トークンなどである。 The registration management unit 12 of the home GW 10 transmits the ID of the mobile terminal 70, the ID of the home GW 10 itself, and server authentication information to the server 60 (S33). The “server authentication information” is information for mutual authentication exchanged between the server 60 and the corresponding home GW 10 when the home GW 10 of the dwelling unit is registered in the server 60. The “server authentication information” is, for example, a shared key or an authentication token.
 ホームGW10の登録管理部12は、サーバ60からの応答を受信する(S34)。 The registration management unit 12 of the home GW 10 receives a response from the server 60 (S34).
 ホームGW10の登録管理部12は、認証キー、及び、少なくとも1つの無線AP40のアドレス及びパスワードを受信したか判定する(S35)。 The registration management unit 12 of the home GW 10 determines whether an authentication key and an address and password of at least one wireless AP 40 have been received (S35).
 認証キー、及び、少なくとも1つの無線AP40のアドレス及びパスワードを受信した場合(S35でYES)、ホームGW10の登録管理部12は、サーバ60の応答にサーバ60のアドレスを加えて携帯端末70に転送する(S36)。 When the authentication key and the address and password of at least one wireless AP 40 are received (YES in S35), the registration management unit 12 of the home GW 10 adds the address of the server 60 to the response of the server 60 and transfers it to the portable terminal 70 (S36).
 ホームGW10の登録管理部12は、携帯端末70の登録状態を有効に変更する(S37)。 The registration management unit 12 of the home GW 10 effectively changes the registration state of the mobile terminal 70 (S37).
 認証キー、及び、少なくとも1つの無線AP40のアドレス及びパスワードを受信していない場合(S35でNO)、ホームGW10の登録管理部12は、サーバ60の応答をそのまま携帯端末70に転送する(S38)。 When the authentication key and the address and password of at least one wireless AP 40 have not been received (NO in S35), the registration management unit 12 of the home GW 10 transfers the response of the server 60 to the portable terminal 70 as it is (S38). .
2-5.サーバの登録処理部の動作
 図11は、実施形態1に係るサーバ60の登録処理部64の動作を説明するフローチャートである。 2-5. Operation of Registration Processing Unit of Server FIG. 11 is a flowchart for explaining the operation of the registration processing unit 64 of the server 60 according to the first embodiment.
 サーバ60の登録処理部64は、ホームGW10から入出門用の携帯端末70の登録要求を受信する(S41)。 The registration processing unit 64 of the server 60 receives a registration request for the entrance / exit mobile terminal 70 from the home GW 10 (S41).
 サーバ60の登録処理部64は、ホームGW10のID、認証情報を照合する(S42)。 The registration processing unit 64 of the server 60 collates the ID and authentication information of the home GW 10 (S42).
 サーバ60の登録処理部64は、照合が成功したか判定する(S43)。 The registration processing unit 64 of the server 60 determines whether the collation is successful (S43).
 照合が成功した場合(S43でYESの場合)、サーバ60の登録処理部64は、認証キーを生成し、ホームGW10のIDと携帯端末70のIDとともに保存する(S44)。 If the verification is successful (YES in S43), the registration processing unit 64 of the server 60 generates an authentication key and stores it together with the ID of the home GW 10 and the ID of the portable terminal 70 (S44).
 サーバ60の登録処理部64は、認証キー、各ゲートの無線AP40のアドレス/パスワードをホームGW10に送信する(S45)。 The registration processing unit 64 of the server 60 transmits the authentication key and the address / password of the wireless AP 40 of each gate to the home GW 10 (S45).
 照合が成功しなかった場合(S43でNOの場合)、サーバ60の登録処理部64は、照合失敗のメッセージを返信する(S46)。 If the verification is not successful (NO in S43), the registration processing unit 64 of the server 60 returns a verification failure message (S46).
2-5.サーバの認証処理部の動作
 図12は、実施形態1に係るサーバ60の認証処理部65の動作を説明するフローチャートである。 2-5. Operation of Authentication Processing Unit of Server FIG. 12 is a flowchart for explaining the operation of the authentication processing unit 65 of the server 60 according to the first embodiment.
 サーバ60の認証処理部65は、携帯端末70からゲート開要求を受信する(S41)。 The authentication processing unit 65 of the server 60 receives a gate opening request from the mobile terminal 70 (S41).
 サーバ60の認証処理部65は、ゲート開要求に含まれる認証キー、携帯端末70のIDを照合する(S52)。 The authentication processing unit 65 of the server 60 collates the authentication key included in the gate opening request with the ID of the portable terminal 70 (S52).
 サーバ60の認証処理部65は、照合が成功したか判定する(S53)。 The authentication processing unit 65 of the server 60 determines whether the verification is successful (S53).
 照合が成功した場合(S53でYESの場合)、サーバ60の認証処理部65は、照合成功のメッセージを返信する(S55)。 When the collation is successful (YES in S53), the authentication processing unit 65 of the server 60 returns a collation success message (S55).
 サーバ60の認証処理部65は、開閉制御部66を起動する(S55)。 The authentication processing unit 65 of the server 60 activates the opening / closing control unit 66 (S55).
 照合が失敗した場合(S53でYESの場合)、サーバ60の認証処理部65は、照合失敗のメッセージを返信する(S56)。 If the collation fails (YES in S53), the authentication processing unit 65 of the server 60 returns a collation failure message (S56).
2-5.サーバの開閉制御部の動作
 図13は、実施形態1に係るサーバ60の開閉制御部66の動作を説明するフローチャートである。 2-5. Operation of Server Open / Close Control Unit FIG. 13 is a flowchart illustrating the operation of the open / close control unit 66 of the server 60 according to the first embodiment.
 サーバ60の開閉制御部66は、ゲート識別情報を受信する(S61)。 The open / close control unit 66 of the server 60 receives the gate identification information (S61).
 サーバ60の開閉制御部66は、該当ゲートの無線AP40にゲート開メッセージを送信する(S62)。 The open / close control unit 66 of the server 60 transmits a gate open message to the wireless AP 40 of the corresponding gate (S62).
 サーバ60の開閉制御部66は、開閉制御ログを記録する(S63)。 The opening / closing control unit 66 of the server 60 records an opening / closing control log (S63).
2-6.本実施形態の変形例
2-6-1.構成の変形例
 ホームGW10は、住戸内の固有情報設備、例えば、HEMS(Home Energy Management System)コントローラであってもよい。 2-6. Modification Example 2-6-1. Configuration Variations The home GW 10 may be a unique information facility in a dwelling unit, for example, a HEMS (Home Energy Management System) controller.
 携帯端末70の通信部72は、無線LANやBluetooth(登録商標)などを利用してもよい。 The communication unit 72 of the mobile terminal 70 may use a wireless LAN, Bluetooth (registered trademark), or the like.
 携帯端末70のIDは、携帯端末70本体の製造番号、SIM ID、MAC アドレスなどでもよい。 The ID of the mobile terminal 70 may be a serial number of the mobile terminal 70 body, a SIM ID, a MAC address, or the like.
 上述の動作(3)において、サーバ60からの登録成功の場合の返信メッセージに、各ゲートの無線AP40のアドレスとそのパスワードだけでなく、無線AP40の暗号通信方式等情報をさらに含んでもよい。 In the above operation (3), the reply message from the server 60 in the case of successful registration may further include not only the address and password of the wireless AP 40 of each gate but also information such as the encryption communication method of the wireless AP 40.
 無線AP20、40のアドレスとして、それに相当するもの、例えば、無線APのSSID(Service Set ID)を使ってもよい。 As the addresses of the wireless APs 20 and 40, those corresponding thereto, for example, the SSID (Service Set ID) of the wireless AP may be used.
 上述の動作(7)において、サーバ60の開閉制御部66は、実際に無線AP40につながっているゲート開閉コントローラを通してゲートの開閉制御を行ってもよい。また、閉操作は、サーバ60から制御メッセージを送信する形で行ってもよいし、ゲート開閉コントローラに付属している本来の閉機能に任せてもよい。 In the above-described operation (7), the opening / closing control unit 66 of the server 60 may perform gate opening / closing control through the gate opening / closing controller actually connected to the wireless AP 40. The closing operation may be performed by transmitting a control message from the server 60, or may be left to an original closing function attached to the gate opening / closing controller.
2-6-2.フローチャートの変形例
 携帯端末70の登録部74は、図8のフローチャートのステップS16において、認証制御部75を動作可にするが、認証制御部75自体が判断して動作可にするようにしてもよい。 2-6-2. Modified Example of Flowchart The registration unit 74 of the mobile terminal 70 enables the authentication control unit 75 in step S16 of the flowchart of FIG. 8, but the authentication control unit 75 itself determines and enables the operation. Good.
 携帯端末70の認証制御部75は、図9のフローチャートのステップS27において、ゲート開失敗の画面を表示後、通信状況等により、ステップS21から再実行してもよい。 The authentication control unit 75 of the mobile terminal 70 may re-execute from Step S21 depending on the communication status or the like after displaying the gate opening failure screen in Step S27 of the flowchart of FIG.
 ホームGW10の登録管理部は、図10のフローチャートのステップS33において、携帯端末70のID、ホームGW10自身のIDおよびサーバ認証情報をサーバ60に送信するが、ホームGW10とサーバ60との間で既に別途でセキュリティが保証されている場合は、サーバ認証情報については送信しなくてもよい。 The registration management unit of the home GW 10 transmits the ID of the mobile terminal 70, the ID of the home GW 10 itself, and the server authentication information to the server 60 in step S33 of the flowchart of FIG. If security is separately guaranteed, server authentication information need not be transmitted.
 サーバ60の登録処理部64は、図11のフローチャートのステップS43において、照合成功した場合、認証キーを生成するが、同住戸で2台目以降の携帯端末70が登録される場合は、1台目の登録時に生成した認証キーを流用してもよい。 The registration processing unit 64 of the server 60 generates an authentication key when the verification is successful in step S43 of the flowchart of FIG. 11, but when the second and subsequent portable terminals 70 are registered in the same unit, one unit is registered. The authentication key generated at the time of registering the eyes may be used.
3.まとめ
 本実施形態の認証制御システムは、ゲート(開閉装置)の開閉を制御する認証制御システムである。認証制御システムは、宅内に配置され、ゲートウェイ識別情報(ホームGW10のID)を有するホームGW10(ゲートウェイ装置)と、認証情報(認証キー、無線AP40のアドレス及びパスワード、サーバ60のアドレス)を生成して提供するサーバ60(サーバ装置)と、を備える。ホームGW10は、携帯端末70から携帯端末識別情報(携帯端末70のID)を受信し、ゲートウェイ識別情報及び携帯端末識別情報をサーバ60へ送信する。サーバ60は、ホームGW10から受信したゲートウェイ識別情報を認証することによって携帯端末識別情報に対する認証情報を生成する。サーバ60は、生成した認証情報を携帯端末70に送信する。認証情報は、携帯端末70が、ゲートに、ゲートを開くためのゲート開信号を送信するために使用される。 3. Summary The authentication control system of this embodiment is an authentication control system that controls opening and closing of a gate (opening and closing device). The authentication control system generates a home GW 10 (gateway device) having gateway identification information (ID of the home GW 10) and authentication information (authentication key, wireless AP 40 address and password, server 60 address) that is placed in the house. And a server 60 (server device) to be provided. Home GW 10 receives mobile terminal identification information (ID of mobile terminal 70) from mobile terminal 70, and transmits gateway identification information and mobile terminal identification information to server 60. The server 60 generates authentication information for the mobile terminal identification information by authenticating the gateway identification information received from the home GW 10. The server 60 transmits the generated authentication information to the mobile terminal 70. The authentication information is used for the portable terminal 70 to transmit a gate opening signal for opening the gate to the gate.
 本実施形態によれば、ユーザは、ゲートから離れた場所においても、携帯端末70を利用して、ゲートの開閉のための認証を行うことができる。そのため、ユーザの利便性が向上する。 According to the present embodiment, the user can perform authentication for opening and closing the gate using the mobile terminal 70 even at a place away from the gate. Therefore, user convenience is improved.
(実施形態2)
 実施形態2では、実施形態1で説明した動作(3)において、サーバ60の登録処理部64は、住戸の契約状況および携帯端末70からの要求に基づいて、特定の無線AP40のアドレスとそのパスワードまたはそのリストだけ返信する。 (Embodiment 2)
In the second embodiment, in the operation (3) described in the first embodiment, the registration processing unit 64 of the server 60 determines the address of the specific wireless AP 40 and its password based on the contract status of the dwelling unit and the request from the portable terminal 70. Or just reply to that list.
1.構成
 図2は、実施形態2に係るサーバ60の記憶部63が記憶する基本記憶テーブルの構成を示す図である。 1. Configuration FIG. 2 is a diagram illustrating a configuration of a basic storage table stored in the storage unit 63 of the server 60 according to the second embodiment.
 実施形態2に係るサーバ60の記憶部63の基本記憶テーブルには、実施形態1のサーバ60の記憶部63の基本記憶テーブルの項目に加え、開閉可能なゲートのリストが記録されている。サーバ60の記憶部63の基本記憶テーブルには、携帯端末のID、携帯端末の登録状態(有効/無効)、及び開閉可能なゲートのリストを複数記録可能である。1つの住宅に複数台の携帯端末が存在することがあるからである。 In the basic storage table of the storage unit 63 of the server 60 according to the second embodiment, a list of gates that can be opened and closed is recorded in addition to the items of the basic storage table of the storage unit 63 of the server 60 of the first embodiment. In the basic storage table of the storage unit 63 of the server 60, a plurality of mobile terminal IDs, mobile terminal registration states (valid / invalid), and openable / closable gate lists can be recorded. This is because a plurality of mobile terminals may exist in one house.
 本実施形態では、サーバ60の登録処理部64は、受信したホームGW10のIDを、登録されている住戸のホームGW10のIDと照合し、成功すれば、該当住戸の契約状況を確認し、利用可能なゲートのリストをホームGW10経由で携帯端末70に送信する。住人により、表示された前記ゲートのリストから入出希望のゲートが選択されると、サーバ60の登録処理部64は、ホームGW10経由でサーバ60に返送する。サーバ60の登録処理部64は、認証キーを生成し、認証キーと、住人の選択したゲートに設置されている無線AP40のアドレスとそのパスワードのリストを返信する。 In this embodiment, the registration processing unit 64 of the server 60 compares the received ID of the home GW 10 with the ID of the registered home GW 10 and, if successful, confirms the contract status of the corresponding unit and uses it. A list of possible gates is transmitted to the mobile terminal 70 via the home GW 10. When the resident selects a desired gate from the displayed list of gates, the registration processing unit 64 of the server 60 returns it to the server 60 via the home GW 10. The registration processing unit 64 of the server 60 generates an authentication key, and returns a list of the authentication key, the address of the wireless AP 40 installed at the gate selected by the resident, and its password.
2.本実施形態の変形例
 住戸の契約情報のコピー、及び利用可能なゲートのリストを、ホームGW10も記憶しておき、携帯端末70はそれらの情報をホームGW10から取得するようにしてもよい。 2. Modified example of this embodiment The home GW 10 may also store a copy of the contract information of the dwelling unit and the list of available gates, and the mobile terminal 70 may acquire such information from the home GW 10.
3.まとめ 3. Summary
 本実施形態の認証制御システムによれば、複数のゲート(開閉装置)が設けられている場合に、サーバ60(サーバ装置)は、携帯端末識別情報(携帯端末70のID)に複数のゲートのうちの所定のゲートの識別情報(アドレス)を対応付けて管理する。サーバ60は、ホームGW10からゲートウェイ識別情報(ホームGW10のID)及び携帯端末識別情報が送信されてきたときに、所定のゲートの識別情報に対する認証情報(認証キー、無線AP40のアドレス及びパスワード、サーバ60のアドレス)を携帯端末識別情報に対して生成する。サーバ60は、生成した認証情報を携帯端末70に送信する。 According to the authentication control system of the present embodiment, when a plurality of gates (opening / closing devices) are provided, the server 60 (server device) includes a plurality of gates in the mobile terminal identification information (ID of the mobile terminal 70). The identification information (address) of a predetermined gate is associated and managed. When gateway identification information (home GW 10 ID) and portable terminal identification information are transmitted from the home GW 10, the server 60 authenticates authentication information (authentication key, wireless AP 40 address and password, server, server) 60 addresses) is generated for the mobile terminal identification information. The server 60 transmits the generated authentication information to the mobile terminal 70.
 これにより、住戸の契約状態および住人の意向により、開閉できるゲートとできないゲートを携帯端末70に対して設定することができる。そのため、不必要な入出門認証制御処理を制限できる。 Thereby, a gate that can be opened and closed and a gate that cannot be opened can be set for the mobile terminal 70 according to the contract status of the dwelling unit and the intention of the resident. Therefore, unnecessary entrance / exit authentication control processing can be limited.
(実施形態3)
 実施形態3では、認証キーを、サーバ60ではなくホームGW10が生成して、携帯端末70に送信する。 (Embodiment 3)
In the third embodiment, the home GW 10, not the server 60, generates an authentication key and transmits it to the mobile terminal 70.
1.構成
 図15は、実施形態3に係るホームGW10の記憶部11が記憶する基本記憶テーブルの構成を示す図である。 1. Configuration FIG. 15 is a diagram illustrating a configuration of a basic storage table stored in the storage unit 11 of the home GW 10 according to the third embodiment.
 ホームGW10の記憶部11の基本記憶テーブルには、当該ホームGWのID、携帯端末のID、登録状態(有効/無効)、認証キー、開閉可能なゲートのリストが記録されている。また、ホームGW10の記憶部11の基本記憶テーブルには、ゲート1の無線AP1のアドレス、ゲート1の無線AP1のパスワードが記録されている。携帯端末のID、携帯端末の登録状態(有効/無効)を複数記録可能である。1つの住宅に複数台の携帯端末が存在することがあるからである。ゲートが複数存在する場合は、ゲート毎にゲート1と同様の項目を記録可能である。 In the basic storage table of the storage unit 11 of the home GW 10, an ID of the home GW, an ID of the mobile terminal, a registration state (valid / invalid), an authentication key, and a list of gates that can be opened and closed are recorded. Further, the address of the wireless AP 1 of the gate 1 and the password of the wireless AP 1 of the gate 1 are recorded in the basic storage table of the storage unit 11 of the home GW 10. A plurality of portable terminal IDs and portable terminal registration states (valid / invalid) can be recorded. This is because a plurality of mobile terminals may exist in one house. When there are a plurality of gates, the same items as those of the gate 1 can be recorded for each gate.
 ホームGW10の登録管理部12は、通信部13から受信した携帯端末70のIDを記憶する。また、登録管理部12は認証キーを生成し、認証キーと、デフォルトおよび契約により通過可能なゲートに設置されている無線AP40のアドレスとそのパスワードのリストを携帯端末70に返送する。 The registration management unit 12 of the home GW 10 stores the ID of the mobile terminal 70 received from the communication unit 13. In addition, the registration management unit 12 generates an authentication key, and returns to the portable terminal 70 the list of the authentication key, the address of the wireless AP 40 installed in the gate that can be passed by default and contract, and the password.
 携帯端末70の登録部74は、認証キーと、無線AP40のアドレスとそのパスワードのリストを記憶部73に記憶する。これにより、携帯端末70の認証制御部75が動作できるようになる。 The registration unit 74 of the portable terminal 70 stores the authentication key, the wireless AP 40 address and a list of passwords in the storage unit 73. As a result, the authentication control unit 75 of the mobile terminal 70 can be operated.
 ホームGW10の登録処理部は、登録した携帯端末70のIDと、認証キーと、無線AP40のアドレスとそのパスワードのリストをサーバ60に送信する。サーバ60の登録処理部64は、携帯端末70のIDと、認証キーと、無線AP40のアドレスとそのパスワードのリストを記憶部63に記憶する。 The registration processing unit of the home GW 10 transmits to the server 60 a list of the registered mobile terminal 70 ID, authentication key, wireless AP 40 address, and password. The registration processing unit 64 of the server 60 stores the ID of the mobile terminal 70, the authentication key, the address of the wireless AP 40, and a list of passwords in the storage unit 63.
2.動作
2-1.ホームGWの登録管理部の動作
 図16は、実施形態3に係るホームGW10の登録管理部12の動作を説明するフローチャートである。 2. Operation 2-1. Operation of Registration Management Unit of Home GW FIG. 16 is a flowchart for explaining the operation of the registration management unit 12 of the home GW 10 according to the third embodiment.
 ホームGW10の登録管理部12は、携帯端末70から入出門用の登録要求を受信する(S71)。 The registration management unit 12 of the home GW 10 receives an entry / exit registration request from the mobile terminal 70 (S71).
 ホームGW10の登録管理部12は、認証キーを生成し、携帯端末70のIDとともに保存する(S72)。 The registration management unit 12 of the home GW 10 generates an authentication key and stores it together with the ID of the mobile terminal 70 (S72).
 ホームGW10の登録管理部12は、認証キー、所定ゲートの無線AP40のアドレス/パスワードを携帯端末70に送信する(S73)。 The registration management unit 12 of the home GW 10 transmits the authentication key and the address / password of the wireless AP 40 of the predetermined gate to the portable terminal 70 (S73).
 ホームGW10の登録管理部12は、認証キー、携帯端末70のIDをサーバ60に送信する(S74)。 The registration management unit 12 of the home GW 10 transmits the authentication key and the ID of the portable terminal 70 to the server 60 (S74).
 ホームGW10の登録管理部12は、携帯端末70の登録状態を有効に変更する(S75)。 The registration management unit 12 of the home GW 10 effectively changes the registration state of the mobile terminal 70 (S75).
2-2.サーバの登録処理部の動作
 図17は、実施形態3に係るサーバ60の登録処理部64の動作を説明するフローチャートである。 2-2. Operation of Registration Processing Unit of Server FIG. 17 is a flowchart for explaining the operation of the registration processing unit 64 of the server 60 according to the third embodiment.
 サーバ60の登録処理部64は、ホームGW10から入出門用の携帯端末70の登録要求を受信する(S81)。 The registration processing unit 64 of the server 60 receives a registration request for the entrance / exit mobile terminal 70 from the home GW 10 (S81).
 サーバ60の登録処理部64は、登録要求に含まれた認証キー、無線AP40のアドレス/パスワードを、ホームGW10のID・携帯端末70のIDとともに保存する(S82)。 The registration processing unit 64 of the server 60 stores the authentication key and the address / password of the wireless AP 40 included in the registration request together with the ID of the home GW 10 and the ID of the portable terminal 70 (S82).
2-3.本実施形態の変形例
 ホームGW10は、各ゲートの無線AP40とそのパスワードを保持せず、携帯端末70から登録要求があったときに、サーバ60から取得するようにしてもよい。 2-3. Modified Example of the Present Embodiment The home GW 10 may not acquire the wireless AP 40 of each gate and its password, and may acquire it from the server 60 when there is a registration request from the mobile terminal 70.
3.まとめ 3. Summary
 本実施形態のホームGW10は、宅内に配置され、ゲート(開閉装置)の開閉を制御するゲートウェイ装置である。ホームGW10は、携帯端末70から携帯端末識別情報(携帯端末70のID)を受信し、受信した携帯端末識別情報に対する認証情報(認証キー、無線AP40のアドレス及びパスワード、サーバ60のアドレス)を生成し、生成した認証情報を携帯端末70に送信する。認証情報は、携帯端末70が、ゲートに、ゲートを開くためのゲート開信号を送信するために使用される。 The home GW 10 of the present embodiment is a gateway device that is arranged in a house and controls the opening and closing of a gate (opening / closing device). The home GW 10 receives mobile terminal identification information (ID of the mobile terminal 70) from the mobile terminal 70, and generates authentication information (authentication key, wireless AP 40 address and password, server 60 address) for the received mobile terminal identification information. Then, the generated authentication information is transmitted to the mobile terminal 70. The authentication information is used for the portable terminal 70 to transmit a gate opening signal for opening the gate to the gate.
 これにより、登録および認証キー生成に関するサーバ60の処理負荷をホームGW10に分散することができる。そのため、ユーザの認証キーの取得、有効化・無効化を迅速に行うことができる。 Thereby, the processing load of the server 60 relating to registration and authentication key generation can be distributed to the home GW 10. Therefore, acquisition, validation / invalidation of the user authentication key can be performed quickly.
(実施形態4)
 実施形態4では、携帯端末70の認証制御部75がサーバ60にゲート開メッセージを所定回数送信した場合、認証キーを無効とする。また、登録部74がホームGW10に再登録要求を送信した場合、認証キーを有効とする。 (Embodiment 4)
In the fourth embodiment, when the authentication control unit 75 of the mobile terminal 70 transmits a gate opening message to the server 60 a predetermined number of times, the authentication key is invalidated. When the registration unit 74 transmits a re-registration request to the home GW 10, the authentication key is validated.
1.構成
 サーバ60の認証処理部65は、所定回数、携帯端末70からのゲート開要求を受信した場合に、該当携帯端末70の認証キー、即ち登録状態を無効にする。これにより、携帯端末70の認証制御部75が動作不可となる。 1. Configuration When the authentication processing unit 65 of the server 60 receives a gate opening request from the mobile terminal 70 a predetermined number of times, the authentication processing unit 65 invalidates the authentication key of the mobile terminal 70, that is, the registration state. As a result, the authentication control unit 75 of the portable terminal 70 becomes inoperable.
 携帯端末70の登録部74は、ホームGW10に再登録要求を送信する。そして、ホームGW10の登録管理部12は、サーバ60に再登録要求を転送する。 The registration unit 74 of the mobile terminal 70 transmits a re-registration request to the home GW 10. Then, the registration management unit 12 of the home GW 10 transfers a re-registration request to the server 60.
 サーバ60の登録処理部64は、再登録要求を受信した場合、該当携帯端末70の認証キー、即ち登録状態を有効に変更する。 When receiving the re-registration request, the registration processing unit 64 of the server 60 changes the authentication key of the mobile terminal 70, that is, the registration state to be valid.
2.本実施形態の変形例
 再登録処理を行う度に、新しい認証キーを生成し、配付・更新するようにしてもよい。 2. Modification of this Embodiment Each time re-registration processing is performed, a new authentication key may be generated and distributed / updated.
 認証キーは、所定時間、使われないと無効にするようにしてもよい。 The authentication key may be invalidated if it is not used for a predetermined time.
 認証キーは、1回出門・1回入門のみ、ゲートの開操作に使えるようにしてもよい。即ち、出門時にも携帯端末70と認証キーを用いて認証制御を行うようにしてもよい。 Authentication key may be used for gate opening operation only for first entry and first entry. In other words, authentication control may be performed using the mobile terminal 70 and the authentication key even at the entrance.
 ユーザ(住人)が紛失した携帯端末70による悪意者の集合住宅構内内への侵入を防ぐため、ホームGW10に携帯端末70の登録の無効化機能を備えてもよい。 In order to prevent the Service-to-Self from entering the inside of the housing complex by the mobile terminal 70 lost by the user (resident), the home GW 10 may be provided with a function for invalidating registration of the mobile terminal 70.
3.まとめ
 本実施形態の認証制御システムによれば、認証情報は、ゲート(開閉装置)にゲート開信号が所定回数送信されたときに無効となり、その後、携帯端末70とホームGW10とが通信することによって再度有効となる。 3. Summary According to the authentication control system of the present embodiment, the authentication information becomes invalid when the gate opening signal is transmitted to the gate (opening / closing device) a predetermined number of times, and then the mobile terminal 70 and the home GW 10 communicate with each other. It becomes effective again.
 これにより、高いセキュリティ性を実現し、なりすましや不正侵入を防止することができる。 This makes it possible to achieve high security and prevent impersonation and unauthorized intrusion.
(付記)
 実施形態1、2、4において、コンピュータ(情報処理装置)を、ゲート(開閉装置)の開閉を制御する認証制御システムにおいて認証情報を生成して提供するサーバ60(サーバ装置)として機能させる認証制御プログラムが提供される。
 認証制御システムは、
  宅内に配置され、ゲートウェイ識別情報(ホームGW10のID)を有するホームGW10(ゲートウェイ装置)を備える。
 ホームGW10は、
  携帯端末70から携帯端末識別情報(携帯端末70のID)を受信し、ゲートウェイ識別情報及び携帯端末識別情報をサーバ60へ送信する。
 認証情報は、携帯端末70が、ゲートに、ゲートを開くためのゲート開信号を送信するために使用される。
 認証制御プログラムは、コンピュータを、
  ホームGW10から受信したゲートウェイ識別情報を認証することによって携帯端末識別情報に対する認証情報を生成し、
  生成した認証情報を携帯端末に送信するサーバ60として機能させる。 (Appendix)
In the first, second, and fourth embodiments, authentication control that causes a computer (information processing device) to function as a server 60 (server device) that generates and provides authentication information in an authentication control system that controls opening and closing of a gate (opening and closing device). A program is provided.
The authentication control system
The home GW 10 (gateway device) is provided in the house and has gateway identification information (ID of the home GW 10).
Home GW10
Mobile terminal identification information (ID of the mobile terminal 70) is received from the mobile terminal 70, and the gateway identification information and the mobile terminal identification information are transmitted to the server 60.
The authentication information is used for the portable terminal 70 to transmit a gate opening signal for opening the gate to the gate.
The authentication control program
Generating authentication information for the mobile terminal identification information by authenticating the gateway identification information received from the home GW 10;
The generated authentication information is caused to function as a server 60 that transmits to the mobile terminal.
 本発明の認証制御方法及びプログラムは、実施形態1、2、4及びその変形例において具現化される。プログラムは、記憶媒体に記憶された状態で提供されるものであってもよい。 The authentication control method and program of the present invention are embodied in the first, second, and fourth embodiments and their modifications. The program may be provided in a state stored in a storage medium.
10 ホームGW
11 記憶部
12 登録管理部
13 通信部
20 無線AP
30 ルータ
40 無線AP
60 サーバ
61 入出門認証サーバ
62 通信部
63 記憶部
64 登録処理部
65 認証処理部
66 開閉制御部
70 携帯端末
71 入出門認証クライアント
72 通信部
73 記憶部
74 登録部
75 認証制御部 10 Home GW
11 Storage Unit 12 Registration Management Unit 13 Communication Unit 20 Wireless AP
30 router 40 wireless AP
60 server 61 entrance / exit authentication server 62 communication unit 63 storage unit 64 registration processing unit 65 authentication processing unit 66 opening / closing control unit 70 portable terminal 71 entrance / exit authentication client 72 communication unit 73 storage unit 74 registration unit 75 authentication control unit

Claims (5)

  1.  開閉装置の開閉を制御する認証制御システムであって、
     宅内に配置され、ゲートウェイ識別情報を有するゲートウェイ装置と、
     認証情報を生成して提供するサーバ装置と、を備え、
     前記ゲートウェイ装置は、
      携帯端末から携帯端末識別情報を受信し、前記ゲートウェイ識別情報及び前記携帯端末識別情報を前記サーバ装置へ送信し、
     前記サーバ装置は、
      前記ゲートウェイ装置から受信した前記ゲートウェイ識別情報を認証することによって前記携帯端末識別情報に対する認証情報を生成し、
      生成した前記認証情報を前記携帯端末に送信し、
     前記認証情報は、前記携帯端末が、前記開閉装置に、前記開閉装置を開くためのゲート開信号を送信するために使用される、
    認証制御システム。     An authentication control system for controlling opening and closing of a switchgear device,
    A gateway device arranged in the house and having gateway identification information;
    A server device that generates and provides authentication information;
    The gateway device is
    Receiving portable terminal identification information from the portable terminal, transmitting the gateway identification information and the portable terminal identification information to the server device;
    The server device
    Generating authentication information for the mobile terminal identification information by authenticating the gateway identification information received from the gateway device;
    Send the generated authentication information to the mobile terminal,
    The authentication information is used by the portable terminal to transmit a gate open signal for opening the switchgear to the switchgear.
    Authentication control system.
  2.  複数の開閉装置が設けられている場合に、
     前記サーバ装置は、
      前記携帯端末識別情報に前記複数の開閉装置のうちの所定の開閉装置の識別情報を対応付けて管理しており、
      前記ゲートウェイ装置から前記ゲートウェイ識別情報及び前記携帯端末識別情報が送信されてきたときに、前記所定の開閉装置の前記識別情報に対する認証情報を前記携帯端末識別情報に対して生成し、
      生成した前記認証情報を前記携帯端末に送信する、
    請求項1に記載の認証制御システム。     When multiple switchgears are provided,
    The server device
    The mobile terminal identification information is managed in association with the identification information of a predetermined switching device among the plurality of switching devices,
    When the gateway identification information and the portable terminal identification information are transmitted from the gateway device, authentication information for the identification information of the predetermined opening / closing device is generated for the portable terminal identification information,
    Transmitting the generated authentication information to the mobile terminal;
    The authentication control system according to claim 1.
  3.  前記認証情報は、前記開閉装置にゲート開信号が所定回数送信されたときに無効となり、その後、前記携帯端末と前記ゲートウェイ装置とが通信することによって再度有効となる、
    請求項1または請求項2に記載の認証制御システム。     The authentication information becomes invalid when a gate opening signal is transmitted to the opening / closing device a predetermined number of times, and then becomes valid again by communication between the portable terminal and the gateway device.
    The authentication control system according to claim 1 or 2.
  4.  宅内に配置され、開閉装置の開閉を制御するゲートウェイ装置であって、
      携帯端末から携帯端末識別情報を受信し、受信した前記携帯端末識別情報に対する認証情報を生成し、
      生成した前記認証情報を前記携帯端末に送信し、
     前記認証情報は、前記携帯端末が、前記開閉装置に、前記開閉装置を開くためのゲート開信号を送信するために使用される、
    ゲートウェイ装置。     A gateway device that is arranged in a house and controls the opening and closing of the switchgear,
    Receiving mobile terminal identification information from the mobile terminal, generating authentication information for the received mobile terminal identification information,
    Send the generated authentication information to the mobile terminal,
    The authentication information is used by the portable terminal to transmit a gate open signal for opening the switchgear to the switchgear.
    Gateway device.
  5.  開閉装置の開閉を制御する認証制御システムによる認証制御方法であって、
     前記認証制御システムは、
     宅内に配置され、ゲートウェイ識別情報を有するゲートウェイ装置と、
     認証情報を生成して提供するサーバ装置と、を備えたものであり、
     前記ゲートウェイ装置において、
      携帯端末から携帯端末識別情報を受信し、前記ゲートウェイ識別情報及び前記携帯端末識別情報を前記サーバ装置へ送信し、
     前記サーバ装置において、
      前記ゲートウェイ装置から受信した前記ゲートウェイ識別情報を認証することによって前記携帯端末識別情報に対する認証情報を生成し、
      生成した前記認証情報を前記携帯端末に送信し、
     前記認証情報は、前記携帯端末が、前記開閉装置に、前記開閉装置を開くためのゲート開信号を送信するために使用される、
    認証制御方法。     An authentication control method by an authentication control system for controlling opening and closing of a switching device,
    The authentication control system includes:
    A gateway device arranged in the house and having gateway identification information;
    And a server device that generates and provides authentication information,
    In the gateway device,
    Receiving portable terminal identification information from the portable terminal, transmitting the gateway identification information and the portable terminal identification information to the server device;
    In the server device,
    Generating authentication information for the mobile terminal identification information by authenticating the gateway identification information received from the gateway device;
    Send the generated authentication information to the mobile terminal,
    The authentication information is used by the portable terminal to transmit a gate open signal for opening the switchgear to the switchgear.
    Authentication control method.
PCT/JP2015/000534 2014-02-06 2015-02-05 Authentication control system, and gateway device WO2015118877A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
JP2014-021448 2014-02-06
JP2014021448A JP6273572B2 (en) 2014-02-06 2014-02-06 Authentication control system, gateway device

Publications (1)

Publication Number Publication Date
WO2015118877A1 true WO2015118877A1 (en) 2015-08-13

Family

ID=53777689

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2015/000534 WO2015118877A1 (en) 2014-02-06 2015-02-05 Authentication control system, and gateway device

Country Status (2)

Country Link
JP (1) JP6273572B2 (en)
WO (1) WO2015118877A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2018202516A1 (en) * 2017-04-25 2018-11-08 Disruptive Technologies Research As Variable length addressing scheme

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2009033426A (en) * 2007-07-26 2009-02-12 Panasonic Electric Works Co Ltd Device control system
JP2012144899A (en) * 2011-01-12 2012-08-02 Nec Casio Mobile Communications Ltd Electronic key management device, locking/unlocking system, electronic key management method and program

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2004360222A (en) * 2003-06-02 2004-12-24 Ntt Docomo Inc Authentication information distribution server
JP2007079915A (en) * 2005-09-14 2007-03-29 Nec Corp Electronic ticket system
JP2008039830A (en) * 2006-08-01 2008-02-21 Sharp Corp Map information providing system

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2009033426A (en) * 2007-07-26 2009-02-12 Panasonic Electric Works Co Ltd Device control system
JP2012144899A (en) * 2011-01-12 2012-08-02 Nec Casio Mobile Communications Ltd Electronic key management device, locking/unlocking system, electronic key management method and program

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2018202516A1 (en) * 2017-04-25 2018-11-08 Disruptive Technologies Research As Variable length addressing scheme

Also Published As

Publication number Publication date
JP2015148944A (en) 2015-08-20
JP6273572B2 (en) 2018-02-07

Similar Documents

Publication Publication Date Title
WO2017075952A1 (en) Method and device for controlling intelligent door lock, and intelligent door control system
KR101829018B1 (en) Digital doorlock system
KR101570601B1 (en) An access control method using the mobile device
US20180359635A1 (en) Securitization of Temporal Digital Communications Via Authentication and Validation for Wireless User and Access Devices
CN106204864A (en) Gate control system based on dynamic two-dimension code and door opening method
CN104732636A (en) Bluetooth cellphone-based intelligent community access control system and method
CN103021045A (en) Intelligent entrance guard system for mobile terminal user verification
KR101960799B1 (en) biometric recognition access control system having IoT and its control methods
KR20160140363A (en) Method for providing door-lock control service based on internet of things and server for providing service
KR101855494B1 (en) Door system and method using mobile device
KR102019097B1 (en) Vehicle access control system and method through code display
JP2012144899A (en) Electronic key management device, locking/unlocking system, electronic key management method and program
KR20120103827A (en) System and method for controlling door lock
CN106355709A (en) Access control system and door opening method based on dynamic quick response code
KR20160070413A (en) Common entrance door opening system and method using a smartphone
KR102063569B1 (en) Method and apparatus for controlling a door opening using a portable terminal
KR20180062692A (en) Method, user terminal, door lock device and entry security system for controlling of opening and closing door
JP6411903B2 (en) Gate control system
JP6218671B2 (en) Automatic door electronic lock control system
KR20160016244A (en) Method for Authentication between Controller and User Terminal through Near Field Communication
JP6273572B2 (en) Authentication control system, gateway device
KR102339318B1 (en) System for controlling entrance using public key infrastructure
KR20190135269A (en) Access control system and method based on combination of authentications
JP6662056B2 (en) Authentication system, personal digital assistant, server, and authentication program
JP4200347B2 (en) Lock control system

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 15746553

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 15746553

Country of ref document: EP

Kind code of ref document: A1